<?php
!defined('IN_AM') && exit('Access Denied');
class control extends base 
{
	function control() 
	{
		$this->base();
		$this->load_class('user');
	}
	function actionregister()
	{
		if(isset($_SESSION['user_id']))
		{
			$this->redirect('index.php?m=profile&a=view','1000','要注册,请先退出当前帐户');
			exit();
		}
		if(!empty($_POST))
		{
			$errorreport=array();
			$username=trim($_POST['username']);
			$password=trim($_POST['password']);
			$password2=trim($_POST['password2']);
			$email=trim($_POST['email']);
			if(strlen($username)<4||strlen($username)>16)
				$errorreport[]='您输入的用户名过短或过长';
			else
			{
				$result= $_ENV['user']->check_username($username);
				if($result)
				{
					$errorreport[]='您输入的用户名已存在';
				}
			}
			if(strlen($password)<6||strlen($password)>16)
					$errorreport[]='您输入的密码过长或过短';
			if($password!=$password2)
				$errorreport[]='您两次输入的密码不相同';
			if(!eregi('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,5}$',$email))
				$errorreport[]='您输入的EMAIL不符合格式';
			if(empty($errorreport))
			{
				$password = md5($password);
				$row = array(
								'username'=>"$username",
								'password'=>"$password",
								'email'=>"$email"
								);
				$userid=$_ENV['user']->register($row);
				$result = '1';
				$_SESSION['user_name'] = $username;
				$_SESSION['user_id'] = $userid;
				$_SESSION['level'] = 1;
				echo json_encode($result);
				exit();
			}
			else
			{
				echo json_encode($errorreport);
				exit();
			}
		}
		$this->view->display('register.htm');
	}
	function actioncheck_username()
	{
		if(!empty($_POST))
		{
			$username = escape($_POST['username']);
			$arr = $_ENV['user']->check_username($username);
			if(!$arr)
				$reback = 1;
			else
				$reback = 0;
			echo json_encode($reback);
			exit();
		}
	}
	function actionlogin()
	{
		if(!empty($_SESSION['user_id']))
		{
		$this->redirect('index.php?m=profile&a=view',0,'您已经登陆了');
		exit();
		}
		if(!empty($_POST)){
				$username = trim($_POST['username']);
				$password = md5(trim($_POST['password']));	
				$userdata = $_ENV['user']->login($username,$password);
				if($userdata)
				{
					$id = $userdata['user_id'];
					$level = $userdata['level'];
					$_SESSION['user_id'] = $id;
					$_SESSION['user_name'] = $username;
					$_SESSION['level']  = $level;
				}
				else
				$id=0;
				echo json_encode($id);
				exit();
			}
		$this->view->display('login.htm');
	}
	function actionlogout()
	{
		session_destroy();
		unset($_SESSION);
		$this->redirect('index.php','1000','成功退出');
	}
	function actionchangepass()
	{
		if(!empty($_POST))
		{
			$username = trim($_SESSION['user_name']);
			$oldpass = md5(trim($_POST['oldpass']));		
			$newpass = md5(trim($_POST['newpass']));
			$result = $_ENV['user']->changepass($username,$oldpass,$newpass);
			if($result)
			{
				session_destroy();
				unset($_SESSION);
				$this->redirect('index.php?m=user&a=login',4000,'成功更改密码，请重新登录');
				exit();
			}
			else
			{
				$this->redirect('index.php?m=profile&a=manage',4000,'更改失败，请重试');
				exit();
			}
		}
	}
	function actionnew_user()
	{
		$page = is_numeric(getgpc('page','G'))?intval(getgpc('page','G')):'1';
		$perpage =12;
		$from = ($page-1)*$perpage;
		$num = $_ENV['user']->get_count();
		$userdata = $_ENV['user']->get_hot($from,$perpage);
		$multi = $this->multi($num,$perpage,$page,'index.php?m=user&a=new_user','page');
		$this->view->assign('multi',$multi);
		$this->view->assign('userdata',$userdata);	
		$this->view->display('new_user.htm');
	}
}
?>